More example of argument and shell command injections in browser invocation

computer unix debian security shell

In the previous episode, I talked about some argument and shell command injections vulnerabilities through URIs passed to browsers. Here I'm checkig some other CVEs which were registered at the same time.

Read more…

Argument and shell command injections in browser invocation

computer unix debian security shell

While reading the source of sensible-browser in order to understand how it was choosing which browser to call (and how I could tweak this choice), I found an argument injection vulnerability when handling the BROWSER environment variable. This lead me (and others) to a a few other argument and shell command injection vulnerabilities in BROWSER processing and browser invocation in general.

Read more…

Verifying authenticity of Debian CDs

computer debian

The official guide for verifying the authenticity of a Debian 🍥 CD image is not so clear if you don't already have an idea about what you're doing. Here is a translation in terms of shell commands.

Read more…

Page 1 of 1 | | Next page | JSON Feed | Atom Feed